Aggregator

CVE-2025-30024 | Axis Device Manager Communication Protocol certificate validation (EUVD-2025-21111 / WID-SEC-2025-1765)

Vuldb Updates
2 months 1 week ago
A vulnerability marked as critical has been reported in Axis Device Manager. This issue affects some unknown processing of the component Communication Protocol Handler. Performing a manipulation results in improper certificate validation. This vulnerability is cataloged as CVE-2025-30024. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com

CVE-2025-30025 | Axis Device Manager/Camera Station Pro/Camera Station Communication Protocol deserialization (EUVD-2025-21110 / WID-SEC-2025-1765)

Vuldb Updates
2 months 1 week ago
A vulnerability classified as problematic has been found in Axis Device Manager, Camera Station Pro and Camera Station. The affected element is an unknown function of the component Communication Protocol Handler. The manipulation leads to deserialization. This vulnerability is documented as CVE-2025-30025. The attack needs to be performed locally. There is not any exploit available.
vuldb.com

CVE-2025-34026 | Versa Concerto up to 12.2.0 Internal Actuator Endpoint improper authentication (EUVD-2025-16087)

Vuldb Updates
2 months 1 week ago
A vulnerability, which was classified as critical, has been found in Versa Concerto up to 12.2.0. Affected by this vulnerability is an unknown functionality of the component Internal Actuator Endpoint. The manipulation leads to improper authentication. This vulnerability is uniquely identified as CVE-2025-34026. The attack is possible to be carried out remotely. Moreover, an exploit is present.
vuldb.com

CVE-2025-31130 | GitoxideLabs gitoxide up to 0.41.x sha1_smol/sha1 weak hash (GHSA-2frx-2596-x5r6)

Vuldb Updates
2 months 1 week ago
A vulnerability classified as problematic was found in GitoxideLabs gitoxide up to 0.41.x. Impacted is an unknown function of the component sha1_smol/sha1. Executing a manipulation can lead to use of weak hash. This vulnerability is tracked as CVE-2025-31130. The attack can be launched remotely. No exploit exists. Upgrading the affected component is advised.
vuldb.com

CVE-2025-32146 | JoomSky JS Job Manager Plugin up to 2.0.2 on WordPress filename control

Vuldb Updates
2 months 1 week ago
A vulnerability was found in JoomSky JS Job Manager Plugin up to 2.0.2 on WordPress and classified as critical. Affected by this issue is some unknown functionality. Executing a manipulation can lead to improper control of filename for include/require statement in php program ('php remote file inclusion'). This vulnerability is registered as CVE-2025-32146. It is possible to launch the attack remotely. No exploit is available.
vuldb.com

CVE-2025-30651 | Juniper Junos OS/Junos OS Evolved Routing Protocol Daemon buffer access with incorrect length value (JSA96461)

Vuldb Updates
2 months 1 week ago
A vulnerability classified as critical was found in Juniper Junos OS and Junos OS Evolved. This affects an unknown part of the component Routing Protocol Daemon. Such manipulation leads to buffer access with incorrect length value. This vulnerability is uniquely identified as CVE-2025-30651. The attack can be launched remotely. No exploit exists. Upgrading the affected component is advised.
vuldb.com

CVE-2025-30653 | Juniper Junos OS/Junos OS Evolved Routing Protocol Daemon expired pointer dereference (JSA96463 / Nessus ID 234095)

Vuldb Updates
2 months 1 week ago
A vulnerability, which was classified as critical, has been found in Juniper Junos OS and Junos OS Evolved. This vulnerability affects unknown code of the component Routing Protocol Daemon. Performing a manipulation results in expired pointer dereference. This vulnerability was named CVE-2025-30653. The attack needs to be approached within the local network. There is no available exploit. It is advisable to upgrade the affected component.
vuldb.com

CVE-2025-30656 | Juniper Junos OS up to 24.2R1-S2 additional special element (JSA96466 / Nessus ID 234087)

Vuldb Updates
2 months 1 week ago
A vulnerability, which was classified as critical, was found in Juniper Junos OS up to 24.2R1-S2. This issue affects some unknown processing. Executing a manipulation can lead to improper handling of additional special element. The identification of this vulnerability is CVE-2025-30656. The attack may be launched remotely. There is no exploit available. You should upgrade the affected component.
vuldb.com

CVE-2025-30654 | Juniper Junos OS/Junos OS Evolved User Interface information disclosure (JSA96464)

Vuldb Updates
2 months 1 week ago
A vulnerability has been found in Juniper Junos OS and Junos OS Evolved and classified as problematic. Impacted is an unknown function of the component User Interface. The manipulation leads to information disclosure. This vulnerability is referenced as CVE-2025-30654. The attack can only be performed from a local environment. No exploit is available. The affected component should be upgraded.
vuldb.com

CVE-2025-30652 | Juniper Junos OS/Junos OS Evolved Routing Protocol Daemon exceptional condition (JSA96462)

Vuldb Updates
2 months 1 week ago
A vulnerability was found in Juniper Junos OS and Junos OS Evolved and classified as problematic. The affected element is an unknown function of the component Routing Protocol Daemon. The manipulation results in handling of exceptional conditions. This vulnerability is identified as CVE-2025-30652. The attack is only possible with local access. There is not any exploit available. It is suggested to upgrade the affected component.
vuldb.com

CVE-2025-30655 | Juniper Junos OS/Junos OS Evolved Routing Protocol Daemon unusual condition (JSA96465)

Vuldb Updates
2 months 1 week ago
A vulnerability was found in Juniper Junos OS and Junos OS Evolved. It has been classified as problematic. The impacted element is an unknown function of the component Routing Protocol Daemon. This manipulation causes improper check for unusual conditions. This vulnerability is tracked as CVE-2025-30655. The attack is restricted to local execution. No exploit exists. Upgrading the affected component is recommended.
vuldb.com

CVE-2025-30657 | Juniper Junos OS up to 21.2R3-S8/22.2R3-S5/22.4R2/23.2R1-S2/23.2R1 BGP Update Message escape output (JSA96467 / Nessus ID 234096)

Vuldb Updates
2 months 1 week ago
A vulnerability has been found in Juniper Junos OS up to 21.2R3-S8/22.2R3-S5/22.4R2/23.2R1-S2/23.2R1 and classified as problematic. This affects an unknown function of the component BGP Update Message Handler. This manipulation causes escaping of output. The identification of this vulnerability is CVE-2025-30657. It is possible to initiate the attack remotely. There is no exploit available. The affected component should be upgraded.
vuldb.com

CVE-2025-30658 | Juniper Junos OS up to 24.2R1 on SRX Anti-Virus Processing memory leak (JSA96469 / Nessus ID 234089)

Vuldb Updates
2 months 1 week ago
A vulnerability was found in Juniper Junos OS up to 24.2R1 on SRX and classified as critical. This impacts an unknown function of the component Anti-Virus Processing. Such manipulation leads to memory leak. This vulnerability is referenced as CVE-2025-30658. It is possible to launch the attack remotely. No exploit is available. It is suggested to upgrade the affected component.
vuldb.com

CVE-2025-30659 | Juniper Junos OS Packet Forwarding Engine length parameter (JSA96470 / Nessus ID 234086)

Vuldb Updates
2 months 1 week ago
A vulnerability was found in Juniper Junos OS up to 22.2R3-S5/22.4R3-S5/23.2R2-S2/23.4R2-S3/24.2R1. It has been classified as critical. Affected is an unknown function of the component Packet Forwarding Engine. Performing a manipulation results in improper handling of length parameter inconsistency. This vulnerability is identified as CVE-2025-30659. The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is recommended.
vuldb.com

Microsoft Shares BitLocker Keys with FBI to Unlock Encrypted Laptops in Guam Fraud Investigation

Cyber Security News
2 months 1 week ago

Microsoft gave U.S. federal agents the digital keys needed to unlock three encrypted laptops linked to a massive COVID unemployment scam in Guam. This case shows how cloud-stored encryption keys can help law enforcement, but also raises big privacy worries for everyday users. Early last year, in 2025, FBI investigators in Guam got a search […]

The post Microsoft Shares BitLocker Keys with FBI to Unlock Encrypted Laptops in Guam Fraud Investigation appeared first on Cyber Security News.

Guru Baran

Hackers Exploiting telnetd Vulnerability for Root Access – Public PoC Released

Cyber Security News
2 months 1 week ago

Active exploitation of a critical authentication bypass vulnerability in the GNU InetUtils telnetd server (CVE-2026-24061) has been observed in the wild, allowing unauthenticated attackers to gain root access to Linux systems. The vulnerability, which affects GNU InetUtils versions 1.9.3 through 2.7, enables remote code execution by manipulating the USER environment variable passed during the Telnet […]

The post Hackers Exploiting telnetd Vulnerability for Root Access – Public PoC Released appeared first on Cyber Security News.

Guru Baran

Qilin

Dark Feed IO
2 months 1 week ago

You must login to view this content

cohenido

CVE-2025-54918

CVE Trends
2 months 1 week ago
Currently trending CVE - Hype Score: 14 - Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network.

CVE-2024-23265

CVE Trends
2 months 1 week ago
Currently trending CVE - Hype Score: 12 - A memory corruption vulnerability was addressed with improved locking. This issue is fixed in macOS Monterey 12.7.4, macOS Ventura 13.6.5, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, tvOS 17.4. An app may be able to ...

Managed ad